Arcms SQL Injection Scanner

Detects an SQL injection vulnerability in Arcms. Affected versions: those before and including 2018-03-19.

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 25 days 1 hour
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

Arcms is a content management system that is widely used by web developers and companies for creating and managing digital content. It is built on the layUI framework and arphp, making it a versatile choice for developers looking for a robust CMS solution. Many companies in diverse industries use Arcms to manage their websites, benefiting from its flexible and scalable architecture. With Arcms, users can easily handle a variety of content types and workflows, making it an efficient tool in the web development process. Being open-source, Arcms allows developers to customize and extend its functionalities according to their specific needs. It is especially popular among small to medium-sized enterprises looking to establish a significant online presence without incurring large costs.

The SQL Injection vulnerability in Arcms allows attackers to inject and execute arbitrary SQL commands against the database. This vulnerability stems from insufficient input validation processes, which can be exploited through the 'limit' parameter. An attacker can manipulate SQL queries by sending specially crafted inputs, thereby accessing unauthorized data. The issue appears within several files in Arcms, including ctl/main/Json.php and comp/Db/Mysql.php. Web applications utilizing older versions of Arcms are particularly susceptible to this vulnerability. Exploiting this vulnerability can have significant security implications, often leading to data exposure or unauthorized access to sensitive information.

The vulnerability is caused by improper handling of the 'limit' parameter, which allows the execution of SQL commands within ctl/main/Json.php and related files. Unsanitized input is included directly in SQL statements, leading to potential data leaks or modifications. An endpoint such as json/newslist can be targeted using crafted input to expose or alter data. The request 'GET /json/newslist?key=111&limit=1%20procedure%20analyse(extractvalue(rand(),concat(0x7e,md5(123))),1)' exemplifies how an attacker might inject malicious SQL payloads. By exploiting this, attackers may ultimately gain full control over the application's database layer.
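As an added example (not part of the original page and not Arcms code), the following Python function reviews web-server access logs for requests whose 'limit' parameter is anything other than a plain count or an offset,count pair, which is how the request quoted above stands out from normal traffic. It generalizes from json/newslist to any path carrying a 'limit' parameter; the combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format is an assumption).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /json/newslist?key=111&limit=10 HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /json/newslist?key=111&limit=0,20 HTTP/1.1" 200 734',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /json/newslist?key=111&limit=1%20procedure%20analyse(extractvalue(rand(),concat(0x7e,md5(123))),1) HTTP/1.1" 200 98',
    '198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

# Client address and request target from one log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# A legitimate LIMIT value is "count" or "offset,count": digits only.
SAFE_LIMIT_RE = re.compile(r'\d{1,6}(?:\s*,\s*\d{1,6})?')


def is_safe_limit(value):
    """True only if the decoded value is a bounded integer or integer pair."""
    return SAFE_LIMIT_RE.fullmatch(value.strip()) is not None


def suspicious_limit_requests(lines):
    """Return (client, path, decoded_limit) for every non-numeric 'limit'."""
    findings = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request line we can parse
        client, target = match.groups()
        parts = urlsplit(target)
        # parse_qs percent-decodes values, so %20 is compared as a space.
        params = parse_qs(parts.query, keep_blank_values=True)
        for value in params.get("limit", []):
            if not is_safe_limit(value):
                findings.append((client, parts.path, value))
    return findings


if __name__ == "__main__":
    for client, path, value in suspicious_limit_requests(SAMPLE_LOG):
        print(f"{client} {path} limit={value!r}")
```

The same allow-list check (digits only, bounded length) is what the application should apply to 'limit' before it reaches the query, since the value is concatenated into the SQL statement.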

Exploiting the SQL Injection vulnerability in Arcms can lead to severe consequences, such as unauthorized data retrieval and possible data manipulation. Malicious actors can access sensitive information, including user credentials, personal data, and other critical database contents. Additionally, it could allow for database schema manipulation, data corruption, or even leveraging access to further infiltrate network resources. This breach could result in loss of data integrity, confidentiality breaches, and loss of business reputation. Moreover, if exploited, attackers might use the compromised system to launch further attacks on interconnected networks or systems.
